https://bugzilla.kernel.org/show_bug.cgi?id=199419

            Bug ID: 199419
           Summary: mpt3sas triggers KASAN complaint during reboot
           Product: SCSI Drivers
           Version: 2.5
    Kernel Version: v4.17-rc1
          Hardware: x86-64
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Other
          Assignee: scsi_drivers-other@xxxxxxxxxxxxxxxxxxxx
          Reporter: bvanassche@xxxxxxx
        Regression: No

Created attachment 275411
  --> https://bugzilla.kernel.org/attachment.cgi?id=275411&action=edit
KASAN complaint

Rebooting a system with an mpt3sas adapter causes the following complaint to be
reported on the serial console:

BUG: KASAN: use-after-free in mpt3sas_scsih_scsi_lookup_get+0xbd/0x120 [mpt3sas]
Read of size 1 at addr ffff880807f4030a by task systemd-shutdow/1

CPU: 26 PID: 1 Comm: systemd-shutdow Not tainted 4.17.0-rc1-dbg+ #2
Hardware name: ASUSTeK COMPUTER INC. Z10PE-D16 WS/Z10PE-D16 WS, BIOS 3407 03/10/2017
Call Trace:
 dump_stack+0x7c/0xbb
 print_address_description+0x65/0x270
 kasan_report+0x232/0x350
 mpt3sas_scsih_scsi_lookup_get+0xbd/0x120 [mpt3sas]
 _scsih_flush_running_cmds+0x85/0x130 [mpt3sas]
 scsih_shutdown+0x4f/0xe0 [mpt3sas]
 pci_device_shutdown+0x42/0x80
 device_shutdown+0x1af/0x2f0
 kernel_restart+0x9/0x50
 __do_sys_reboot+0x24e/0x2a0
 do_syscall_64+0x5d/0x200
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

(gdb) list *(mpt3sas_scsih_scsi_lookup_get+0xbd)
0x1fb2d is in mpt3sas_scsih_scsi_lookup_get (drivers/scsi/mpt3sas/mpt3sas_scsih.c:1468).
1463                    u32 unique_tag = smid - 1;
1464
1465                    scmd = scsi_host_find_tag(ioc->shost, unique_tag);
1466                    if (scmd) {
1467                            st = scsi_cmd_priv(scmd);
1468                            if (st->cb_idx == 0xFF)
1469                                    scmd = NULL;
1470                    }
1471            }
1472            return scmd;